Information Technology Reference
In-Depth Information
Additional Sources
Books:
•
Atkins, Derek.
Internet Security Professional Reference
, Second Edition. Indianapolis: New Riders
Publishing, 1997.
•
Kaeo, Merike.
Designing Network Security.
Indianapolis: Cisco Press, 1999.
URLs:
•
Internet: www.securityfocus.com (SecurityFocus.com is a single place, or community, on the
Internet where people and corporations can go to find security information and have security
questions answered by leading authorities in the industry. This site provides access to security links
and resources including news, books, mailing lists, tools and products, and security services.)
•
Internet: www.finjan.com (Finjan makes filters and other countermeasures to block the Java Scripts
used to execute session hijacking, session replay attacks, and other “mobile code” attacks.)
•
Newsgroups: alt.2600 (This is a newsgroup of interest to hackers and security experts. It has a vast
amount of information on network intrusion and protection techniques.)
PIX Maintenance
The PIX has two important maintenance features:
•
Password recovery
•
Software upgrades
These are discussed in the next sections.
Password Recovery
The password recovery for the PIX 515 requires a TFTP server to download the password data to it
because that model does not have a floppy drive. For the other PIX models, use the following procedure.
A password recovery image will be available. This image will need to be copied using TFTP to the PIX
just like any new upgrade image.
The TFTP capabilities directly take the place of the floppy loader, so, all previous functions that were
handled with a floppy will be handled with TFTP.
Please note the following:
•
TFTP on the PIX requires that you reboot the PIX.
•
When you enter the ROM monitor, the PIX application
will not
be running, so no traffic will pass in
your network while this operation is being performed.
•
The TFTP server should be on the most secure part of the network (preferably on the inside).
•
Using TFTP for a new image or password recovery will require your network to be offline until this
activity is complete.
•
Once the system is rebooted, the addresses used during the TFTP process do not remain in the
configuration or memory.
